The process of authentication is generally one of verifying an identity. Messages are typically exchanged during said process between a checking unit and a device requiring to be authenticated. An attacker intercepting said messages needing to be exchanged will be able to use the intercepted messages to fake an identity. The authentication can serve, for instance, for reliably recognizing a device, for example a sensor or battery. In another application scenario the authentication serves to recognize original products. It may also be necessary to check the identity of the client or server in the case of client-server communication.
Conventional methods often employ a challenge-response process for authentication purposes. A challenge message created as a function of a random number, for example, is therein transmitted to the device. The device thereupon uses a secret cryptographic key to compute a second value that is referred to also as a response message. Said response message is sent back to the challenge's originator which thereupon checks whether the response is correct. Since only an original product or device will be able to compute a correct response message, it will hence be possible to reliably distinguish an original product or device from a fake.
With conventional authentication methods it is often necessary to check a device not only locally but also from a distance via a communication facility, for example over the internet, via mobile radio, or over other data links. It is necessary particularly when the device is remotely maintained. The problem often arising when an identity is remotely checked is that an intermediate instance is able to read out messages and use them to fake an identity. This attack scenario is known as a man-in-the-middle attack.
Symmetric RFID tag authentication is applied in conventional methods. Chips are therein employed that perform cryptographic operations for reliably recognizing an original product.
An asymmetric crypto system consists of a plurality of intercommunicating instances each of which possesses a pair of keys comprising a secret and a non-secret part. Asymmetric cryptography methods are known also as public key methods.
What are termed key-binding methods are furthermore used in conventional methods. A cryptographic key is therein committed to a specific purpose. This is done in conventional methods by means of, for instance, key derivation using a key derivation function which as input parameter, in addition to the non-committed key, employs a character string that describes the intended purpose. As an example thereof, in the case of WiMAX a Mobile IP Root Key MIPRK is first computed from a non-committed key EMSK and other, committed mobile IP keys computed from said MIPRK.
Network security protocols are furthermore used in conventional methods for cryptographically protecting IP-based communication. The communication partners are therein authenticated both unilaterally and mutually. Frequently used protocols that authenticate a communication partner are known as SSL, TLS, or IKE for IPsec. The authentication of a communication partner, especially an http server, via SSL or TLS is therein performed using a digital certificate. In addition to the server's public key, said certificate also contains information about the server, in particular its identifiers such as, for example, its name, DNS name, or IP address.
Known likewise from conventional methods is the Kerberos protocol with the aid of which authentication and authorization can be realized via a trusted third party. Kerberos is based on the use of symmetric keys.
FIG. 1 shows the Kerberos authentication service according to a conventional method. Kerberos is a distributed authentication service or a network protocol that was developed for open and insecure computer networks such as the internet, for instance. According to Kerberos the authentication is handled by a trusted third party, for example a Kerberos server.
According to the Kerberos method described in FIG. 1, a user N employs a request message or a request R-TG-T at a first step to apply for a Ticket-Granting Ticket by means of an R-TG-T message from a Kerberos server KS. A ticket is therein an authorization message by means of which the respective owner of the message is granted access to the server S. The Kerberos server KS conveys a ticket T and a ticket-granting session key TGSK to the user N at an ensuing step. For conveying the two messages—ticket T and ticket-granting session key TGSK—the Kerberos server KS has a key distribution service KDS. Said key distribution service KDS communicates with a database DB over a data link.
At an ensuing step of the method the user N applies for a service-grant ticket SGT, for which purpose the Kerberos server KS accesses a ticket-granting server TGS. The ticket-granting server TGS thereupon conveys a ticket message T and a session key SK to the user N. The user N creates a request service message RS as a function of the received messages and conveys it to another server S. Said server S conveys a server authenticator message SA to the user N as a function of a check performed on the request service message RS.
Another example of a network protocol according to a conventional method is SAML, known also as Secure Assertion Mark-up Language. In contrast to Kerberos it is also possible to use asymmetric methods in SAML.
FIG. 2 describes a device authentication process according to a conventional method.
FIG. 2 is a schematic of the exchange of messages between an RFID reader RFID-LG and an RFID tag RFID-T according to an asymmetric cryptography method. What is shown therein is a unilateral authentication of the RFID tag RFID-T. After a request A (get certificate) from the RFID reader RFID-LG, the RFID tag sends its certificate to the RFID reader RFID-LG. The certificate of the RFID tag RFID-T has the RFID tag's public key. The public key is made available or conveyed in, for example, a public key signature message PKSN. The certificate of the RFID tag RFID-T has a signature of a certificate issuer. If the RFID reader RFID-LG is unable to successfully verify the certificate of the RFID tag RFID-T, the RFID tag RFID-T will be recognized as not being original, which will cause the process to be terminated. If the certificate is recognized as being valid, the RFID reader RFID-LG will generate a randomized challenge message and send it to the RFID tag. The RFID tag RFID-T computes a response message Re as a function of a private key of the RFID tag RFID-T. Said response message Re is conveyed to the RFID reader RFID-LG. The RFID reader RFID-LG verifies the response message Re using the public key of the RFID tag RFID-T. The RFID tag RFID-T will be accepted or rejected as a function of said verification, which is to say will be recognized as being original or fake.
FIG. 3 describes an attack scenario in the case of authentication according to a conventional method. The present FIG. 3 serves to illustrate a man-in-the-middle attack according to a conventional challenge-response authentication method. A server 33 authenticates a device 31 using an authentication unit 30. The server 33 for that purpose requests a certificate Z of the device 31 by means of a Get_Device_Cert message GDC. In the example shown an attacker 32 has managed to tap into the message flow between the server 33 and the device 31, meaning to eavesdrop on the exchange of messages between the server 33 and the device 31. In accordance with the request, the authentication unit 30 conveys a certificate Z to the server 33 in a Cert message Cert. At an ensuing step S1 of the method the server 33 generates a challenge Ch (or challenge message) as a function of which the authentication unit 30 computes a response message Re. The response message Re can be computed as a function of the implementation of a device authentication method AD(Ch). The response message Re can be verified as a function of the implementation of a response authentication method ADR(Re). The server 33 verifies at a step S2 whether the response message Re that was calculated by the authentication unit 30 is valid in terms of the expected response message according to the challenge message Ch.
The server 33 will in the attack scenario described in FIG. 3 therefore have successfully authenticated the device 31, although the attacker 32 will only have forwarded the messages of the server 33 to the device 31. The server 33 erroneously assumes that it is communicating with an original device. The attacker 32 can, though, use a different original device for calculating a valid device authentication response message.
Conventional device authentication methods are often unreliable and cannot be performed without using substantial resources. The lack of reliability associated with conventional methods can arise particularly in connection with creating the challenge message. A multiplicity of instances that greatly increase the need for resources are also necessary in conventional methods. A multiplicity of participating instances can furthermore result in a lack of reliability on the part of the authentication method employed because exchanged messages can be intercepted and/or falsified on their way between the multiplicity of instances.